TinyURL

I see a lot of people using TinyURL.com and I gotta say it sounds a little scary. For those of you who know, anytime you access any website the IP address of your computer is available to that website’s server. For example here’s some information about you

That means when you go to that site to make a tinyURL they can record that information. On top of which, anytime any person you send that link to clicks on the link that person’s browser will connect to TinyURL.com to get redirected to the actual site but while connecting, again, TinyURL can record both which link was used and the IP address of the person using the link.

In other words, TinyURL can track who made the link and every person who followed the link. There’s all kinds of things that could be used for. A simple one might be advertising. If you like something maybe all your friends do as well. They could also check if one of your links was used by a known criminal or terrorist.

Of course the guy running it is probably a nice guy and is not doing that but it says right on his site that links are valid forever which means he’s keeping at least some of that information. Who knows when someone will make him an offer to sell TinyURL.com and the buyer will decide how to use that info.

Of course any site can track the info shown above and most do. What they can’t do is tell who told you about a particular page. When you use a tinyURL, TinyURL.com can tell who made the link and who it got passed to.

Note: I’m not a paranoid person. Part of this post is because I have friends that use TinyURL and those same friends worry about systems like Plaxo that track similar stuff. Also, Wired.com recently ran an article about TinyURL and didn’t mention the possible issues, something that Wired normally seems hyper sensitive about.

Now if they had some sort of a program that filters this information and matches it with ad banners, they could try and sell me some stuff that I might like; for example they could show me ads for thinkgeek.com or O’Reilly. Some browsers can change the information they send to the server (like Opera) to appear as if they were a different web browser, etc. The server will most likely place a cookie with a string that will tell all affiliated sites what kinds of things you might like (1123#@34, “Look Bill, this guy LOVES unix stuff, lets send him an ad from Sun”) and will show it to you when you return to the website. Or you could just store IP addresses and user agent info and do all kind of neat stuff with it. Say the server records all IP address alon with user agent info and filters out information about your operating system. Then they could try and send you some bogus stuff via “net send” if your operating system was Windows and your user agent was Internet Explorer (since they’d figure if you didn’t bother to get some decent browser, you propably won’t be running a firewall either) and tell you to click some link with spyware, trojan or a virus. Or a link to http://www.mozilla.org and the latest security patch ^_^

sherlock101

just sad journalism

this is just stupid journalism. the article makes tinyurl appear to be first one with the idea. it was not. besides, there are now tons of services like tinyurl and the only two that really stand out are http://snipurl.com or http://notlong.org